Does using CloudFront just to enable https make sense?

mitchus

1/19/23, 9:41 AM

If I have an EC2 instance, running a web app (HTTP), and I have an Amazon-provided SSL certificate, I can use CloudFront to make the EC2 instance accessible via HTTPS, handling the certificate automatically. Is this a legitimate use of CloudFront, or should this be done differently?

1173

0 + 0

https

amazon-cloudfront

amazon-web-services

Oscar De León

1/19/23, 5:17 PM

did you try using an Application Load Balancer? depending on your use case perhaps CF is overkill

mitchus

1/19/23, 6:49 PM

@OscarDeLeón I looked at ALB, however the base price seems pretty high for this particular instance - the ALB would cost about as much as the instance itself.

Score:9

Server

Tim

1/19/23, 6:32 PM

Yes using CloudFront is a legitimate way to enable https, and (as iBug pointed out in comments) can reduce your bandwidth egress costs a little. Another option is to use an application balancer, which integrates with AWS Certificate Manager (ACM) to enable https.

A lower cost method is to install a certificate directly on your EC2 instance using Lets Encrypt and some of their compatible software. You can't use an ACM certificate with just an EC2 instance. Certbot is a common piece of software used to request LE certs.

0 + 0

mitchus

1/19/23, 6:50 PM

Thanks for these pointers, I will be checking out Lets Encrypt

iBug

1/20/23, 5:53 AM

Using CloudFront generally *reduces* your cost if the origin is an EC2 instance (or S3). EC2 and S3 charges a flat egress price while CloudFront charges "use more, pay less", and it even starts lower (8.5¢ for US / Canada vs EC2 9¢).

Tim

1/20/23, 6:48 AM

Thanks iBug I added your comment to the answer. AWS bandwidth is pretty expensive either way, for some sites I use an external caching CDN which can reduce costs more.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Does using CloudFront just to enable https make sense?

TH: การใช้ CloudFront เพียงเพื่อเปิดใช้งาน https นั้นสมเหตุสมผลหรือไม่

RO: Are sens utilizarea CloudFront doar pentru a activa https?

RU: Имеет ли смысл использовать CloudFront только для включения https?

VI: Việc sử dụng CloudFront chỉ để kích hoạt https có hợp lý không?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.